Hi Team,
Need insights & clarity to collect the following logs from MacOS using rapid7 agent.
- Apple Unified logs
- TCC Usage
- Network Telemetry
- Persistence Monitoring
Have a look in your log search (start events etc) if that fits the bill. You can also work on ensuring that the agent collects more logs: Configure the Insight Agent to Send Additional Logs | InsightIDR Documentation
I believe these logs needs to be pulled locally and then stream to IDR platform but point is how to do this concurrently?